Certificazione Di Un Sistema Di Gestione Ambientale

INFORMATIVE QUESTIONNAIRE FOR THE CERTIFICATION OF A SECURITY MANAGEMENT SYSTEM

CERTIFICATION OF SECURITY MANAGEMENT SYSTEMS

Informative questionnaire to be filled in and returned to RINA

Reference standard

/

ISO28000:2007

Section A – GENERAL INFORMATION ABOUT THE ORGANISATION

Company name

Registered address

/

POSTCODE/TOWN

Contact person

VAT N°

/

Telephone

/

Fax

/

e-mail

PRODUCTION SITE (if different from the Head Office)

Name

Address

/

POSTCODE/TOWN

Contact person

Telephone

/

Fax

/

e-mail

Total n° of employees:

/

N° of managers:

/

N° of clerical workers:

/

N° of manual workers:

N° of work shifts:

/

N° of shift workers:

/

N° of non-shift workers:

Year the organisation was established: ______

/

Approximate turnover last year:

Is the organisation part of a larger group? YES  NO

If yes, give a short desciption of the gorup (nunber of companies, brenches, operating countries, etc):

Short description of the organization role in the group:

Section B – ACTIVITIES, PRODUCTS AND SERVICES

Description of the organisation's activities, products and/or services: (attach an extra sheet if necessary)

Sezione B.1 –SECURITY TOOLS

Description of the main tools, technonlogies and human resourcesinvolved in the security management (attach an extra sheet if necessary)

Section C – OTHER PERMANENT SITES, FACTORIES, OPERATIVE UNITS, WORK-SITES(hereinafter indicated as “sites”)

Does the organisation have more than one site?(work-sites not included)  YES  NO

/

How many?(n°)

How many of these sites require certification?(n°)

Indicate for each site requiring certification: (Attach an extra sheet if necessary)

Name or type
(warehouse, factory, unit...) / Address /

Tot. employees at site/s (n°):

/

N° of work shifts:

/

N° of shift workers:

Are there any operative work-sites?  YES  NO

/

Indicate the average n° of work-sites opened each year: ______

If there is more than one site, describe the activities, products or services at each site indicated in section B:(attach an extra sheet if necessary)

Name or type

/

Description of activities, products or services at site

If there is more than one site, describe, for each site, the main tools, technonlogies and human resourcesinvolved in the security management (attach an extra sheet if necessary)

Name or type

/

Description of activities, products or services at site

Section D – CERTIFICATION

Description of the activities, products and/or services to which the security management systems is applied:

Are there any activities that are required to be excluded from certification?  YES  NO

Which?

Has the organisation already obtained other types of certification (e.g.: ISO9000, ISO14001…)?  YES  NO

If yes, which?

Does the organisation wish RINA to certify other management systems?  YES  NO

If yes, which:

Quality:

/

 ISO 9001:2000

/

Ethics:

/

 SA 8000

Environment:

/

ISO 14001  EPD

/

Safety:

/

 OHSAS 18001

Other RINA certificates (*)

/

……………………………………………………………………………………………………………………………………………………….

…………………………………………………………………………………………………………

(*) for other RINA certificates/services please consult

Has the organisation used consulting firms to develop itssecurity management system?

 YES  NO

Name of this firm (reply optional):

If further information is required you will shortly be contacted by a representative of RINA.

In relation to legislative decree 196/03 concerning the handling of personal data, I declare that I have received the information sheet attached and/or contained in the Rules for certification relevant to the handling of my personal data.
Whereas, as indicated in point 3 of the above-mentioned information sheet, my personal data may be used to receive commercial communications by electronic means (e-mail, fax, SMS or MMS or other)
 I consent I do not consent
to these communications being sent.
______on ______/ Stamp and Signature
(Give name and position)

Form QUAINFSec_enA1.2

INFORMATIVE QUESTIONNAIRE FOR THE CERTIFICATION OF A SECURITY MANAGEMENT SYSTEM

/ RINA

Personal Data – Consent to the Relevant Processing.

In accordance with Article 13 of Dlgs 196/2003, and in relation to your data (company name; address of head office and any secondary offices, name and personal data of legal representatives; telephone numbers; tax code and VAT number; bank details; other data related to your economic activity needed in order to implement the contract), directly supplied by you and/or at any rate acquired by us in the course of contractual or pre-contractual relations, you shall take note of the following:

1. The processing to which the above-mentioned data shall be subjected is directed to:

a)making offers and bids and to all other activities aimed at entering into contracts;

b)the performance by us of all related activities instrumental for the correct management and execution of the existing contractual relations, and in particular for the execution of accounting and tax obligations, the administration of relations with clients and suppliers, the management of payments and of any claims or disputes, the fulfilment of all our duties pursuant to the applicable laws and our obligations towards the authorizing and accreditation bodies;

c)the commercial information and communication about our services.

1. In relation to the purposes stipulated in point 1, the processing of the personal data acquired by us may be done either manually or through the use of computer or electronic means or at any rate automated, and may consist alternatively or jointly, of operations of recording, conservation, organization, processing, selection, comparison, extraction, communication, cancellation, destruction of this data.
2. Relative to the personal data directly supplied by you and/or in any case acquired by us in the course of the contractual relations, an express consent to processing, dissemination and to communication to addressees mentioned in the following point 6 is not necessary, on the condition that it is made for the purposes stipulated in letters (a) and (b) of point 1, this being the presumed consent by law or at any rate not obligatory.
3. As far as processing of your personal data for the purposes stipulated in letter (c) of point 1 is concerned, your voluntary express consent is necessary to allow us to contact you for commercial purposes, through the use of automated call systems or electronic means, such as e-mail, telefax, sms and mms messages, etc.
4. The holder of the personal data directly supplied by you and/or acquired by us is RINA S.p.A. with head office in Genova, Via Corsica 12, that has appointed its Financial Director as person responsible, whose details and address can be provided upon request to our head office.
5. The personal data may be communicated, for similar processing, to other companies in the group to which, as per the regulations stipulated in Article 2359 of the Italian Civil Code, our Company belongs.
6. Your personal data may be communicated, even outside the territorial environment of the European Union, to the following categories of individuals: couriers/forwarding agents, banking institutes and non-banking financial intermediaries; postal administrations – postel service; agents, professional offices and consultancy companies for the performance of assistance services in accounting and tax matters, claims management and credit collection; consultants and firms entrusted with the maintenance of the company information system; auditing companies; public administrations and other private or public organizations to whom our Company must communicate your data pursuant to law or contractual duties. The individuals belonging to the above categories to which the personal data may be communicated, shall use this data as Holders with the exception of the individuals nominated as responsible.
7. Your personal data will be communicated to the individuals nominated as responsible and authorized, who need to utilize it for the performance of tasks and functions assigned to them.
8. Your personal data may be disseminated through publication in our Company’s periodicals (Registers, directories, newsletters, etc.) and through the insertion on our website.
9. The law recognises you a series of rights (Article 7 of Italian Decree 196/2003), among which there is the right to oppose for legitimate reasons the processing in question, to obtain from the holder of the processing confirmation of the existence or not of your own personal data and that this personal data be made available in an intelligible form; the right to find out the origin of the data as well as the logic and the aim on which this processing is based; the right to obtain the cancellation, transformation into anonymous form, blocking for data processes in violation of the current provisions, or certification and updating and, if interested, the integration of this data.
10. You hereby consent to the processing of your data for the purposes of letter (C), also through the use of automated call systems or electronic means as described in point 4 above. Such content may be revoked at any time upon request by you.

Form SEC INFO_enA1.3